This oft-seen wonderfully weird photo depicts Hugo Gernsback wearing his “teleyeglasses” in 1963. Gersnback, an inventor of such innovations as a combination electric hair brush/comb and a battery-powered handheld illuminated mirror, is best known to science fiction fans as the founder of Amazing Stories magazine! Gernsback coined the term “science fiction” and the Hugo Awards […]

As U.S. headlines bombard us with proof of how low humanity can go, here’s a look at a happy, peaceful, and prosperous country — The Netherlands — to remind us that it is actually possible for the human race to get it right. If people want to change present circumstances through liberal ideals, it’s helpful to look […]

Steven “Hackers” Levy has a long view of Trump: as radical as he is, he’s only a drop in the bucket compared to the political and social changes wrought by technology: “Who was king during the industrial revolution in England? The quirks and flaws of government leaders are not relevant information when studying the enlightenment. […]

The Boing Boing Store’s Gift Guide is full of ideas for pretty much anyone in your life like hipster ice cub trays, Xbox controllers, Halo Boards, and even diamond necklaces. As always, all products in the Boing Boing Store come at great discounts, too. Shop by price bucket starting at under $20. Under $20:Bloxx Jumbo Ice Trays […]

Unlike traditional lighters, the SaberLight features an electronic plasma beam that’s both rechargeable and butane-free. This sleek lighter is even approved by TSA, so you’ll never be stuck buying lighters you’ll just have to throw away partially used. For some people, like me, this is a pretty big game-changer. The SaberLight’s beam is actually both hotter and cleaner […]

Holiday shopping is in full swing, and the Striiv Touch is one of the best gift ideas I’ve landed on. Its simple design works for females and males, and its wide range of features makes it suitable for even the non-fitness enthusiasts in your life.Unlike traditional fitness trackers, the Striiv Touch also acts as a smartwatch. It […]

RFID (orRadio-frequency identification) has been something featured on here for a number of years as a potential tracking device. At one time the UK was wanting to have all Passports fitted with an RFID chip to enable “convenience” in processing travel. However it also meant that you could be tracked anywhere your passport went, just like geotracking on your mobile.

Tests also showed that they were also easily hacked and, since the chip contained all the information on your passport, they made a handy target for identity thieves.

“In-ness” is clearly difficult to judge; particularly among an eclectic crowd like the BoingBoing gallery. I have felt like you do here at times (i think the last time was a sudden unexplained attack of “my little pony” posts). I happen to know a bit about RFID so this post struck me as copacetic. That is, your impatience here has shown me the narrowed error of my ways – thankee!

http://www.wired.com/threatlevel/2009/08/fed-rfid/
RFID chips can be read remotely and data can potentially be obtained for malicious purposes. RFID chips are in some Government ID cards, passports, and potentially some credit cards. It’s another possible way to steal information that can be used to track people, perform ID theft and possibly steal credit card numbers.

I’ve never quite understood the obsession with RFIDs. Security issues are there, you don’t want someone to be able to steal your credit card info with a machine, but that is hardly insurmountable (and I don’t know of any cases outside of a lab of it actually happening).

The range of those things is very low and they would make a terrible vector for surveillance especially given everyone carries a phone anyhow.The one thing they are super useful for is using cards without having to get them out of your wallet. So do people block them, what from?

To put it bluntly, RFID cards can be copied. A copy may look like another RFID card, or it might look like a notebook, textbook, magazine, be embedded in the sleeve of a jacket or shirt. It might look to the casual observer like an old wind-up watch, perhaps not even functional. However if the copy is of your credit card, or your drivers license so you can go through border crossings easier, whomever has that copy can use your credit card, or can cross the border easier as a result.

The other thing that happens, even if no-one is making copies of your card, every time that card is read, a record of that transaction is made. This may be nothing more than ‘card 900b1y900k read at [timestamp] by reader [serial number]’ or it may be a detailed record of every item that just passed by the cash register as part of your shopping purchase. And what that record contains, where it’s kept, by whom, for what purpose (Target sending coupons to you or your partner 3-6 months after one of you becomes pregnant) is not something that you have control over.

You may be OK with that. Or you may not. But consider that if you combine the two, it becomes trivially easy for someone to frame you as being at or near the scene of a crime, when in reality you’re sound asleep in bed, perhaps in a different city. Even if you are OK with the idea of keeping those records, and turning them over to the police if requested or with a court order, the fact that the evidence can be faked, really should worry you.

The other thing that happens, even if no-one is making copies of your card, every time that card is read, a record of that transaction is made. This may be nothing more than ‘card 900b1y900k read at [timestamp] by reader [serial number]’ or it may be a detailed record of every item that just passed by the cash register as part of your shopping purchase. And what that record contains, where it’s kept, by whom, for what purpose (Target sending coupons to you or your partner 3-6 months after one of you becomes pregnant) is not something that you have control over.

But the exact same thing can be done with any credit card or debit card, RFID or not.

Oh, cool — The local insurance company (Crown corporation at that) that you gotta get your drivers license through in this province actually hands these out along with the RFID-enabled drivers licenses which are supposed to get you through the border more smoothly. I brought the forbes article about the blackhat conference credit card reading thing up with my coworker and he showed me his. I’m not surprised that the credit card companies aren’t giving these out with their contactless credit cards though… Just sit and think how much profit they’d be out on if they actually tried stopping credit card fraud with a properly upgraded & engineered system :P

Yeah I just got mine, but for the enhanced licenses I am not sure what it is worth. All that is on the chip is the unique identifier that is printed on the card. I guess someone could make a duplicate but there is not personal info itself so unless they had everything else not much, also if they have managed to get into the system that actually uses said information on the chip, well they can just go look anyone up at that point so the string of unique gobbledygook is moot at that point.

If I have no choice about a credit card with RFID then I will definitely invest in a blocking wallet or sleeves like in the picture.

You are nice calling this “local insurance company”. I call that “provincial monopolistic racket”, a conflict of interest at that as they have no interest in prevention since the core of their business is to sell insurance as a prices that is 4 time the rate in other provinces private insurances.

Actually that’s not true. The scale is different – everybody has to earn their premium discount on a level playing field – your age and sex do not factor in to your base premium. This makes first year premiums significantly more expensive for some demographics, while substantially cheaper for others, compared to other systems. It all evens out depending on how careful you drive and how much you claim.

The range of those things is very low and they would make a terrible vector for surveillance
=============

There are other issues.

1.Think denial of service. They are low power, and they work on an ethernet like protocol. Just broadcast with higher power, and it doesn’t have to be that high, and you can deny all card readers in quite a range. Small 9 v battery, plus a bit of circuitry and you could stop a shop from working. Hidden on the premises, cash into an account and you will be told where it is (or it is removed). Cash then gets withdrawn via an ATM machine in other locations.

2. Think fake responses. For example, how about adding in extra items to a shopping basket remotely, or hiding the expensive items? Think about this if you are innocent and shop security gets you with items you haven’t paid for.

RFID is going to be the new black when it comes to crime and extortion.

The irony is bank or government “selling” RFID card “for your security”. Note that banks also make sure they defer the liability to the customers with the “enhanced security” they claim it provides (*hint* it does not)

The best one is when the Royal Bank sent me my RFID card. They sent it in the mail.

Preactivated.

Without informing me it was coming.

With a paper explaining how I could use it for $200 of purchases before it would ask for a PIN.

When I went in to complain and have the PINless stuff killed they said it wasn’t a security exploit because “No one uses that yet.” So not only security through obscurity, but security through obscurity that’s being destroyed by an ad campaign!

I moved all but a small chequing account out of the Royal Bank over that one. Should move the chequing, too, but with all the stuff tied to it it’ll take forever to do without disrupting something.